Office 365 Mobile Device Management

Last week, Microsoft released the new builtin Mobile Device Management (MDM) capabilities for Office 365.

With MDM for Office 365, the access to Office 365 data can be managed across a wide range of mobile devices, based on either iOS, Android or Windows Phone. The new MDM features are included in all Office 365 commercial plans, including Business, Enterprise, EDU and Government plans, at no additional cost.

The MDM for Office 365 provides additional capabilities to add further data security and works in three ways:

Conditional Access
Configure security policies on devices that connect to Office 365 to ensure that Office 365 corporate email and documents can be accessed only on phones and tablets that are managed by your company and are compliant. Office 365 uses Microsoft Intune and the Microsoft Azure Active Directory to deliver this capability.

Device management
Configure and manage security policies such as device-level pin lock and jailbreak detection to help prevent unauthorized users from accessing corporate email and data on a device when it is lost or stolen. Additional settings and rich reporting are also available within the Office 365 admin center to gain information about devices accessing the corporate data.

Selective wipe
Ensure protection of corporate data while providing flexibilty for the businesses to adopt a “bring your own device” (BYOD) approach to phones and tablets. Remove Office 365 company data from a compromized device while leaving the personal data in place.

For additional protection beyond the capabilities of MDM for Office 365, a subscription to Microsoft Intune, part of the Microsoft Enterprise Mobility Suite, will provide additional device and application management capabilities for phones, tablets and PCs. This includes the ability to restrict actions such as “cut”, “copy”, “paste” and “save as” to applications managed by Intune, thus helping keep corporate information even more secure.